This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Extreme Switch ACL

Extreme Switch ACL

Jawn
New Contributor

‎11-13-2017 07:59 AM

Hi Support,

I would like to ask about ACL configuration.

Assuming I have 3 Vlan created.
Vlan 10 , HR , 192.168.10.1/24
Vlan 20 , IT, 192.168.20.1/24
Vlan 30, GM, 192.168.30.1/24

I would like all 3 Vlan to be isolated from each other; not able to ping/communicate to each other.
This is the command i have created but not sure if it works anot.
below is the example of blocking HR to IT & GM.

vi HR.pol
press"i" to insert
entry IT{
if match all {
destination-address 192.168.20.1/255.255.255.0
destination-address 192.168.30.1/255.255.255.0
} then {
deny;
}
}

Please advise if this is the right way to configure.

Thanks
Regards
Jawn

0 Kudos
7 REPLIES 7

Jawn
New Contributor
In response to Erik_Auerswald

‎11-13-2017 04:02 PM

Hi Erik,

Thanks for the advise.
If I want to block HR (.10) to IT & GM.

Does the below command work?

entry block_IT_and_GM {
if match any{
source-address 192.168.10.1/24; #this is HR
destination-address 192.168.20.1/24; # this is IT
destination-address 192.168.30.1/24; # this is GM
} then {
deny;
}
}
0 Kudos

Drew_C
Valued Contributor III

‎11-13-2017 01:38 PM

Hi Jawn,
I edited this post so that it was public, and not private. This way, other community members can respond to you.
0 Kudos

Jawn
New Contributor
In response to Drew_C

‎11-13-2017 01:38 PM

Thank Drew !
Appreciated much.
0 Kudos
GTM-P2G8KFN